Category Archives: Cyber Security

Cyber Security, Ride Sharing, Uber

[VIC – 75] Uber is dead šŸ’€ . WannaCry šŸ˜­ ransomware. Seeking out the other perspecive. Mute videos šŸ”‰ .

by

Busines & Money

Uber is dead in the water. The news of the Google + Lyft PartnershipĀ has to be the most devastating blow imaginable. Letā€™s lay out the reasons.
First off, letā€™s quickly define a couple terms. When it comes to innovation (as per Clayton Christiansen), you have two types: disruptive and sustaining. Disruptive innovation comes with not only a massive technological improvement, but more importantly a brand new business model. The innovator has thought up an entirely new way to go to market. On the other hand, while sustaining innovation also comes with technological improvement, it fits into the existing business model. It simply makes the existing advantages more powerful.
Up until now, I believe Uber has been in the lead due to their disruptive innovation in transportation. That innovation hasnā€™t been the technology itself (as shown by all the copy cats in ride sharing), but instead the business model. They have applied network effects to transportation and completely flipped the idea of car ownership on its head. šŸŒšŸŒšŸŒšŸŒ!!! Itā€™s now more economical to use a ride-sharing service in many instances than it is to own a car. With more drivers on the road, wait times for passengers decrease. With more riders, more drivers are incentivized to come on line. Itā€™s the perfect fly wheel! To boot, the company gathers more and more data as they handle more trips, thus allowing them to better optimize the entire system.
Now when considering the technology itself, that is the autonomous vehicle (AV) technology that takes ride sharing to the next level, Uber has not been in the lead. It is no secret that Google has been working on AV tech for a decade and a half. As a result, Google has an insane lead with regards to improving and iterating on the technology. For Uber, trying to compete with Google head to head on technology seems like a losing proposition. What they should have done is partnered with Google. Uberā€™s network + Googleā€™s technology would have been an unbeatable combination. And it almost happened. Google Ventures invested $258,000,000 in Uber back in 2013 which seemingly put the two in bed together.
But now Google is suing Uber over the alleged theft of Google IP. On other words, the relationship has soured. In response, Uber has partnered with Lyft and delivered what could be the fatal blow to Uber. Googleā€™s tech now has a clear go-to-market strategy via Lyftā€™s network. The only way Uber can win now is to get to market first with a viable AV. I wouldnā€™t hold your breath.

Human Progress

A couple months back I wrote about digital security and how you can protect yourself. I left out one key recommendation: BACK EVERYTHING UP! (I actually donā€™t store much of anything on my hard drive these days. I have both Dropbox and Google Drive downloaded so that whenever I save a file, it is automatically stored in one of these services)
Now we find ourselves here in the midst of one of the worst ransomware attacks in history.
So what happened/is happening? Over the weekend a few hundred thousand computers were infected with ā€œWannaCryā€ ransomeware.
What is ransomware? Basically, someone will accidentally run malicious code on their computer, perhaps from downloading a sketchy attachment. Once the code (called ā€œransomwareā€) runs, some or all of the files on the hard drive are encrypted. The program then demands a ransom in exchange for decrypting the files. if the user doesnā€™t pay by a certain date, the files are lost forever.
In the case of WannaCry, the 7-day deadline hasnā€™t yet passed, so it is yet to be determined if the attackers will actually follow through on the threat.
There are a couple other points here that make this attack especially šŸŒšŸŒšŸŒšŸŒ.
First, WannaCry is particularly malicious in that it doesnā€™t need to downloaded by multiple users within a network. If, for example, one person at your company downloads it, the attack can spread on its own to other users in the network.
Secondly, WannaCry takes advantage of an exploit called EternalBlue which seems to have originated from the NSA. Apparently the NSA is stockpiling exploits (Iā€™d imagine so that they could use them for spying purposes if/when necessary) rather than notifying software providers so that vulnerabilities can be fixed. Looks like that one back fired!
So what can you do?
Again, back up your files! Also, donā€™t download sketchy attachments. If it makes you double take for even a second, donā€™t bother. Third, install regular software updates. I know these can be annoying and seemingly always popup at inconvenient times, but software publishers are constantly pushing updates to fix problems so things like the WannaCry attack canā€™t happen. (Iā€™m updating both iPhones as we speak).

Philosophy

I was recently talking to a friend about how to keep oneself intellectually honest. Hereā€™s the suggestion that they gave. ā€œWhen you come across a view point that you disagree with, seek out 2-3 other sources that confirm that viewpoint.ā€ It might not be practical to do this for every single thing you disagree with in life, but I think itā€™s a fantastic suggestion when it comes to big important things.
One example I can think of is North Korea. Pretty much everything that comes from the media about North Korea paints the country in a pretty bad light. And perhaps for good reason. But after seeing so much negative publicity about the country, I thought it couldnā€™t hurt to look for information that confirms the opposite perspective. One example I found was this article on Medium. And to be quite honest, the article makes a lot of sense.
And none of this is to say that your mind should necessarily be changed about any specific subject. I still sit clearly on the side of liberal democracy over soviet-style communism. But understanding a bit more information about the historical backdrop and understanding the perspective of others allows for more informed and constructive conversations.

My Latest Discovery

I recently discovered a great way to improve my interpersonal skills. It happened at the gym a couple weeks ago doing a cardio session on the bike. I couldnā€™t get the volume on the TV to work so I was forced to watch on mute. Instead of giving up on the TV and just listening to music, I decided to focus on the silent interview in front of me to try and pick up on the nonverbal cues of conversation. It was fascinating! The way people sit, how often they shift their weight, what they do with their hands while speakingā€¦ There was so much information to be gleaned.
So much of life involves interacting with other people. And so much of communicating with other people happens outside of whatā€™s being said. I think Iā€™ll adopt this practice of watching mute videos more often as practice for being more attentive to nonverbal signals.

Apology, artificial intelligence, Business Strategy, Cyber Security, Investing, Machine Learning, Poetry 2 Comments

[VIC – 69] Early stage investing. Everything is digital. We can do better. National Poetry Month. Flattery or plagiarism?

by

Business & Money

When thinking about early stage investment opportunities, conventional wisdom says that these are generally reserved for silicon valley elites. Thereā€™s a small cabal of elite VCs that get access to all of the best deals and companies, while most are shut out. Thus the astronomical returns that accrue to these firms far out pace what the average person can expect to make while investing.
While mostly true, there are a few other ways to get a foot in the door for early stage opportunities. Here are a few:
1) You can always invest in startups yourself. Title III of the Jobs Act opens up the opportunity for regular retail investors to get their turn at startup investing. Regular people can create an account with any number of equity crowdfunding platforms (e.g. SeedInvest, MicroVentures) to participate in startup fundraising. While Title III is a good thing in general terms, itā€™s very unlikely that Iā€™ll try my hand at picking individual companies. Chances are, all the best deals will be picked through by the VCs, angel syndicates, or individual angel investors. In other words, the equity crowdfunding platforms likely offer the bottom of the barrel in terms of investment opportunities. The platforms do take on some of the due diligence work to de-risk things a bit, but chances are youā€™ll still lose your money.
2) More realistically, you can try to take advantage of early stage opportunities by investing in public companies. For example, take artificial intelligence. Weā€™re clearly in the hype cycle for AI and every company, both large and small, are trying to participate in the ā€œAI gold rushā€. To understand where the investment opportunities lie, we first need a bit ot context. Without getting into the weeds, deep learning is a subset of machine learning that uses computational systems loosely modeled on the human brain. Deep learning systems require a lot of processing power and thus require advanced GPUs (graphical processing units) which are far more powerful than their CPU (central processing unit) brethren. There are basically 2 companies that own the GPU market, Nvidia and Advanced Micro Devices, and both are publicly traded. NVDA is up 285% this year and AMD is up 481%. Not bad at all for a public market returns.
3) One slightly more esoteric way to get involved, and somewhat similar to above, involves investing in underlying technologies. Not investing in companies that produce the underlying technology, but the technology itself. Iā€™ll give you two examples. First, think about the early days of the internet. Everyone and their mother were building internet based businesses and every one of those required a website. If you went on a buying spree in the 90s purchasing as many domain names as possible, you would be incredibly wealthy today. The average domain back then sold for around $0.50 – $5.00. Today, the average 5 letter word in the dictionary will cost you anywhere from $500,000 to $1,000,000 if you want to purchase the domain. That multiple is (you guessed it), šŸŒšŸŒšŸŒšŸŒšŸŒ! Secondly, Iā€™m betting that cryptocurrencies will explode over the next 5 years. The value has already gone up over 100x since inception, and I’d say were in the first inning with no outs. Iā€™ve been purchasing modest amounts of Bitcoin and Ethereum, the two leading cryptocurrencies, betting that they will be far more valuable in a few years. Iā€™m less worried about these as digital currencies or stores of value, and more excited by the applications that will be built on the underlying technology. Weā€™ll have to wait to see how this last one pans out.

Human Progress

If the 20th century was an industrial century, the 21st will be a digital one. Absolutely everything is going (or has gone) digital. Money, media, communication, commerce, conflictā€¦ everything. This transformation will, of course, bring great progress. But, it will also bring unprecedented risk. Cyber security risk that is. As the number of connected devices goes through the roof, so too do the number of vulnerabilities. Iā€™m no cyber security expert, so I wonā€™t try to delve into the details of the myriad vulnerabilities. Instead, Iā€™d like to suggest 3 simple ways to greatly improve your digital security profile.
1 Turn on 2-factor authentication (2FA) for your email. For those unaware, 2FA is the process by which you use a second device to verify your identity. So when you log into your email account on your laptop, it will ask you for a password that you need to retrieve from your phone (SMS). As a result, you have a second layer of protection from someone trying to gain unauthorized access. And, while you can also enable 2FA on many other applications, email lies at the crux of everything. Anytime you need to reset a password, the reset link is sent via email. Thus, if someone gains access to your email, they likely have access to everything.
2 Use a VPN (virtual private network). VPNs offer a simple way to protect the data being transmitted over wireless networks by forcing all of your data through a server run by a VPN provider. These providers encrypt all of the data providing, again, another layer of protection. These require a simple, low-cost software download from any of a number of reputable providers. This is especially important if you regularly use public wifi networks (e.g. coffee shops, NYC parks & subways, etc). Anyone on these networks can access your data if itā€™s unprotected.
3 Use a secure browser (e.g. Opera). These run security checks in the background while you browse (checking for phishing, malware, etc) and many also include free built-in VPN software.
None of these will guarantee that youā€™re 100% safe, but youā€™re far better off with them than without.

Philosophy

You know that philosophical question, ā€œif a tree falls in a forest and no one is around to hear it, does it make a sound?ā€ Iā€™ve been thinking about my own version. ā€œIf a person apologizes for a certain wrongdoing that theyā€™ve committed, but the victim is not around to hear it, did the apology actually happen?ā€ I would answer ā€œno” to both questions. In the first, the tree hitting the ground would clearly disturb the adjacent air creating sound waves. But ā€œhearing,ā€ that involves those same sounds waves interacting with an ear drum and the associated nerve endings that translate those vibrations into an intelligible signal. In my own version of the question, the same logic applies. Yes, the apology is spoken, but the act of apologizing, if it is to be at all meaningful, involves both the speakerā€™s message and the listenerā€™s reception and interpretation thereof. So even if the apology is heard, but there is no eye contact or a lack of conviction in the voice of the apologizer, weā€™ve adulterated the content of the words.
I began thinking about this when someone posted on Facebook about whatā€™s often referred to as the Apology to Native Peoples. I wouldnā€™t be surprised if youā€™ve never heard of it (I had not before coming across this post). In essence, this was a resolution signed by President Obama in 2009 as an acknowledgment of the depredations and mistreatment of Native Americans by the US government. A formal apology of sorts. I see two glaring problems right off the bat.
First, the delivery. The resolution was quietly passed, buried deep within the Defense Appropriations act of 2009 (not an obvious location for such a resolution). But no attention was drawn to it. Itā€™s almost like the apology was whispered under the breath so that no one could hear it. Not an apology at all if you ask me. If no one can hear it, itā€™s safe to assume that the act itself is narcissistic or inward focused. It serves to remove some guilt or responsibility, without putting the speaker at any risk or empathizing with the listener.
Secondly, the language.
“Whereas the arrival of Europeans in North America opened a new chapter in the history of Native Peoples.ā€
A new chapter?!?! Are you kidding me?? Letā€™s drop the warm and poetic language and call a spade a spade.
“Whereas while establishment of permanent European settlements in North America did stir conflict with nearby Indian tribes, peaceful and mutually beneficial interactions also took place.ā€
Peaceful and mutually beneficial? šŸ˜‚šŸ˜‚ What a joke!
“Whereas Native Peoples and non-Native settlers engaged in numerous armed conflicts in which unfortunately, both took innocent lives, including those of women and children.ā€
Innocent lives taken on both sides? More like genocide or extermination of one side and flourishing on the other.
There is so much power in language. What is said is often less important than how it is said.
All of this makes me think about my own progress in delivering apologies. I, for one, can say I have a long way to go. Iā€™ve often delivered apologies while staring at the floor, using defensive language, voice raised, arms crossed, and no eye contact. If I canā€™t do any better, our nation and our federal government likely canā€™t either. šŸ˜© Come one! Weā€™re better than that!

My Latest Discovery

On the same topic of native peoples, Layli Long Soldier is both a US citizen and a citizen of the Oglala Lakota Nation (a Native American Tribe). She is also an incredible poet. And, Iā€™ve discovered that April happens to be National Poetry Month. I thought I would share one of her exquisite yet painful compositions called “38.”

I would highly recommend you listen, but if you prefer to read, you can do so here.

Question Of The Week

When is it ok to copy?
Iā€™m thinking about this in the wake of rampant copying by Facebook. After seeing the success of SnapChat, Zuckerberg has basically copy/pasted SnapChatā€™s best features, pixel for pixel, into all 4 Facebook properties (WhatsApp, Instagram, Messenger, And Facebook).
Iā€™m specifically thinking about this in relation to other great innovations that have been copied and commoditized. In the digital realm, think about the like button or the news feed. Basically every social application now has both. Someone had to be first. In cars, what about sunroofs? Whoever came up with the sunroof is a genius. Now every car on the block has one. The inventor must be pissed!
When does copying stop being the sincerest form of flattery and become plagiarism? Should there be more IP protection for digital products? Would this impact innovation in a negative way? So many questions!